Search Results (10566 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
|---|---|---|---|---|---|
| CVE-2026-25810 | Praskla-technology, Prasklatechnology | Assessment-placipy, Placipy | 2026-04-17 | 9.1 Critical | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, backend/src/routes/student.submission.routes.ts verifies authentication but fails to enforce object-level authorization (ownership checks). |
| CVE-2026-25806 | Praskla-technology, Prasklatechnology | Assessment-placipy, Placipy | 2026-04-17 | 6.5 Medium | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email, PUT /api/students/:email/status, and DELETE /api/students/:email routes in backend/src/routes/student.routes.ts only enforce authentication using authenticateToken but do not enforce authorization. The application does not verify whether the authenticated user owns the student record being accessed, has an administrative / staff role, or is permitted to modify or delete the target student. |
| CVE-2026-25811 | Praskla-technology, Prasklatechnology | Assessment-placipy, Placipy | 2026-04-17 | 9.1 Critical | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application derives the tenant identifier directly from the email domain provided by the user, without validating domain ownership or registration. This allows cross-tenant data access. |
| CVE-2026-25875 | Praskla-technology, Prasklatechnology | Assessment-placipy, Placipy | 2026-04-17 | 9.8 Critical | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the admin authorization middleware trusts client-controlled JWT claims (role and scope) without enforcing server-side role verification. |
| CVE-2026-25890 | Filebrowser | Filebrowser | 2026-04-17 | 8.1 High | File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, an authenticated user can bypass the application's "Disallow" file path rules by modifying the request URL. By adding multiple slashes (e.g., //private/) to the path, the authorization check fails to match the rule, while the underlying filesystem resolves the path correctly, granting unauthorized access to restricted files. This vulnerability is fixed in 2.57.1. |
| CVE-2026-0488 | Sap, Sap Se | Netweaver Application Server Abap, S/4hana, Webclient Ui Framework and 1 more | 2026-04-17 | 9.9 Critical | An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impact on confidentiality, integrity, and availability. |
| CVE-2026-0509 | Sap, Sap Se | Netweaver As Abap Kernel, Netweaver As Abap Krnl64nuc, Netweaver As Abap Krnl64uc and 1 more | 2026-04-17 | 9.6 Critical | SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required S_RFC authorization in certain cases. This can result in a high impact on integrity and availability, and no impact on the confidentiality of the application. |
| CVE-2026-23681 | Sap, Sap Se | Solution Tools Plug-in, Sap Support Tools Plug-in | 2026-04-17 | 4.3 Medium | Due to a missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan subsequent attacks. This vulnerability has a low impact on the confidentiality of the application, with no effect on its integrity or availability. |
| CVE-2026-23688 | Sap, Sap Se | S4core, Sap Fiori App (manage Service Entry Sheets - Lean Services) | 2026-04-17 | 4.3 Medium | SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity; confidentiality and availability are not impacted. |
| CVE-2026-24312 | Sap | Business Workflow, Sap Basis | 2026-04-17 | 5.2 Medium | An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application. |
| CVE-2026-24322 | Sap, Sap Se | Solution Tools Plug-in, Sap Solution Tools Plug-in (st-pi) | 2026-04-17 | 7.7 High | SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability. |
| CVE-2026-24326 | Sap, Sap Se | S/4hana Defense & Security, Sap S/4hana Defense & Security (disconnected Operations) | 2026-04-17 | 4.3 Medium | Due to a missing authorization check in the Disconnected Operations of SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to perform direct updates on a standard SAP database table. This results in low impact on integrity, with no impact on confidentiality or availability of the application. |
| CVE-2026-24327 | Sap, Sap Se | Strategic Enterprise Management, Sap Strategic Enterprise Management (balanced Scorecard In Bsp Application) | 2026-04-17 | 4.3 Medium | Due to a missing authorization check in SAP Strategic Enterprise Management (Balanced Scorecard in Business Server Pages), an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or availability. |
| CVE-2026-21743 | Fortinet | Fortiauthenticator | 2026-04-17 | 6.8 Medium | A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to modify local users via a file upload to an unprotected endpoint. |
| CVE-2026-25609 | Mongodb | Mongodb | 2026-04-17 | 5.4 Medium | Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only. |
| CVE-2026-25633 | Statamic | Cms, Statamic | 2026-04-17 | 4.3 Medium | Statamic is a Laravel + Git powered CMS designed for building websites. Prior to 5.73.6 and 6.2.5, users without permission to view assets are able to download them and view their metadata. Logged-out users and users without permission to access the control panel are unable to take advantage of this. This has been fixed in 5.73.6 and 6.2.5. |
| CVE-2026-25924 | Kanboard | Kanboard | 2026-04-17 | 8.5 High | Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution (RCE). Although the application correctly hides the plugin installation interface when the PLUGIN_INSTALLER configuration is set to false, the underlying backend endpoint fails to verify this security setting. An attacker can exploit this oversight to force the server to download and install a malicious plugin, leading to arbitrary code execution. This vulnerability is fixed in 1.2.50. |
| CVE-2026-26012 | Dani-garcia | Vaultwarden | 2026-04-17 | 6.5 Medium | vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to 1.35.3, a regular organization member can retrieve all ciphers within an organization, regardless of collection permissions. The endpoint /ciphers/organization-details is accessible to any organization member and internally uses Cipher::find_by_org to retrieve all ciphers. These ciphers are returned with CipherSyncType::Organization without enforcing collection-level access control. This vulnerability is fixed in 1.35.3. |
| CVE-2026-26031 | Frappe | Frappe Lms, Learning | 2026-04-17 | 5.3 Medium | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.44.0, a security issue was identified in Frappe Learning where unauthorised users were able to access the full list of enrolled students (by email) in batches. This vulnerability is fixed in 2.44.0. |
| CVE-2026-22892 | Mattermost | Mattermost, Mattermost Server | 2026-04-17 | 4.3 Medium | Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to validate user permissions when creating Jira issues from Mattermost posts, which allows an authenticated attacker with access to the Jira plugin to read post content and attachments from channels they do not have access to via the /create-issue API endpoint by providing the post ID of an inaccessible post. Mattermost Advisory ID: MMSA-2025-00550 |
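The File Browser entry (CVE-2026-25890) describes the classic mismatch behind path-rule bypasses: the authorization layer string-matches deny rules against the request path as sent, while the filesystem collapses doubled slashes and dot segments before opening the file. The Go snippet below is an added illustration of that mismatch and of the fix, and is not File Browser's code; the deny rules, the function names naiveDenied / hardenedDenied / canonical and the sample request paths are all constructed for the example.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// denyRules is a constructed rule set for the example: the user must not
// reach these directories or anything below them.
var denyRules = []string{"/private", "/etc"}

// underRule reports whether p is exactly the rule or lies beneath it.
// The "/" suffix stops "/private" from also matching "/privateer".
func underRule(p, rule string) bool {
	return p == rule || strings.HasPrefix(p, rule+"/")
}

// naiveDenied matches rules against the raw request path. This is the
// vulnerable pattern: "//private/secret.txt" does not start with "/private",
// so no rule fires, yet the filesystem resolves the doubled slash to the
// very file the rule was meant to protect.
func naiveDenied(rawPath string) bool {
	for _, rule := range denyRules {
		if underRule(rawPath, rule) {
			return true
		}
	}
	return false
}

// canonical turns the request path into the single form the filesystem will
// actually open: a leading slash is forced and path.Clean collapses repeated
// slashes, "." segments and ".." segments.
func canonical(rawPath string) string {
	p := rawPath
	if !strings.HasPrefix(p, "/") {
		p = "/" + p
	}
	return path.Clean(p)
}

// hardenedDenied normalises first, then matches, so the string checked
// against the rules is the string that will be opened.
func hardenedDenied(rawPath string) bool {
	return naiveDenied(canonical(rawPath))
}

func main() {
	// Constructed request paths: the first is the honest form, the next
	// three are equivalent spellings that dodge the naive check.
	for _, req := range []string{
		"/private/secret.txt",
		"//private/secret.txt",
		"/./private/secret.txt",
		"/public/../private/secret.txt",
		"/public/readme.txt",
		"/privateer/notes.txt",
	} {
		fmt.Printf("%-32s naive=%-5v hardened=%v\n", req, naiveDenied(req), hardenedDenied(req))
	}
}
```

Two things to carry over into a real check: run it on the path after URL decoding (so that %2F and friends have already become slashes) and on exactly the value handed to the filesystem, and match on path.Clean output rather than on prefixes of the raw string. If the server also accepts backslashes as separators on some platforms, normalise those before cleaning as well; that is outside what the advisory text states and is not shown here.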